Text File | 2000-05-25 | 27KB | 705 lines
--------------------------------------------------------
+HCU Maillist Issue: 1 1997/09/02
--------------------------------------------------------
Send Articles To:......................... *************
Info, Help, Unsubscription, etc.:...... ****************
--------------------------------------------------------
Welcome everybody to the +HCU Maillist!
First of all, I would like to thank you all for your letters and
suggestions about the list.
Since more than ten guys subscribed, I officially start the list
with this very first issue at the 1st of September.
Ok, now the rules of the game!
- send the letters you would like to see on the list to the
************* address
- with all other problems like help, info, unsubscription send a
letter to the management at the **************** address
All letters sent to the ************* address will be processed
automatically (at least will be soon, I hope) and sent out to all
subscribers. The letters arriving at the management address are
handled manually, so no special rules apply, just write about your
problem in plain English. (BTW, the language of the list is
English too, if you wondered!)
- the list is digested, one issue per 24 hours
This means all articles arriving at the list are collected in one
file and sent out to the subscribers once a day. The text of the
individual articles is not changed at all, they are just appended
after each other. At the beginning, even when no publishable article
arrived, I send out an issue with a message, warning that you were
lazy and did not write anything yesterday. This annoying habit
of the list remains only during the first weeks, because I want
to test the reliability of the technics behind the list. So if you
don't hear about the list, let's say for two days, send a complaining
letter to the **************** address.
- there is no moderation whatsoever
Because of the automatic nature of the list, what you write
will appear on the list. On the other hand if somebody starts to
behave like a lamer (this may be clarified later) he will be
removed from the list. (It might even be the faster way to unsubscribe
than sending letters to the management. :) This takes us to the question
who can subscribe and/or write to the list.
- anybody is allowed to subscribe to the list, but only subscribers
are allowed to write to the list
At this moment there are only 13 subscribers to the list so I don't think
it's necessary to decrease the number of potential writers by further
restrictions. If only subscribers are allowed to write to the list that
is some kind of protection from outsiders shouting into our discussions.
Furthermore the list is not advertised at all (at least not by me), no
web page, newsgroup message, whatsoever. I will ask Fravia to put up
a small link to the management address, deep inside his pages where
only the dedicated ones can find it. That will be the only entrance
to the list so hopefully we will be protected from lamers.
If a distinguished HCUker (God forbid, +ORC himself) who is not a
subscriber of the list would like to publish something, he can write
to the management and his article will be inserted in the next issue.
- the list has minimal security, so everybody who cares about
anonymity must take care of it himself
Most of the subscribers seem not to care about their anonymity so I
do not intend to set up serious security precautions (like PGP). One
thing I will do, however, is to rip off the originating address of every
letter before it's inserted into the digested issue to protect the
anonymity of the writers. If somebody wants to have his address
published (for example to initiate a private conversation) then he
must write his address into the body of his letter.
Well, I think that's enough for the beginning. Of course, these rules
are not carved in stone; we can change them any time. As a matter of fact
we might start some discussion about them on the list at once. For those
who would like more technical topics: (since September is here)
Could anybody find a crack for the 1998 strainer MSMONEY which
patches the exe at a single position, but eliminates all the different
kind of date checks? I had to patch at three different positions and
I wonder if it can be done with less?
Don't forget: send all your articles to *************
Zer0
PS: I have already sent this issue out on the 1st of September, but
most probably it could not go through, so I resend it. Sorry, if you
happen to read this twice.
-- End --
------------------------------------------------------------
+HCU Maillist Issue: 2 09/03/1997
------------------------------------------------------------
Send Articles To:............................. *************
Info, Help, Unsubscription, etc:........... ****************
------------------------------------------------------------
ARTICLES:
-----#1-----------------------------------------------------
Subject: none
Hello all list subscribers!
Firstly I'd like to congratulate Zer0 for initiating such a fantastic
idea - thanks Zer0!
> Could anybody find a crack for the 1998 strainer MSMONEY which
> patches the exe at a single position, but eliminates all the
> different kind of date checks? I had to patch at three different
> positions and I wonder if it can be done with less?
I can confirm that it *is* possible to crack MSMONEY 3 trial (English
version) with just one byte - this patch eliminates all the date
checks *and* the 90 transaction check - in other words, all the
checks, nags etc. I do not know whether this is possible for MSMONEY
97 trial though...in fact, in order to patch MSMONEY 97 to eliminate
*every* possible nag and date check, I patched five locations (if I
remember correctly), but this allowed you to use MSMONEY under any
circumstances whatsoever, without any nags at all (including the one
on exiting).
See my 1998 HCU entry for more details of the one-byte-patch for
MSMONEY 3 and my reasons for patching five locations in MSMONEY 97
(fravia+ will post it on the 15th).
Cya,
+ReZiDeNt
-----#2-----------------------------------------------------
Subject: Interesting protection
Hi! Can somebody please help me to crack a small utility called
Internet Commander. You can get it at:
**********************************************************
It's written in Delphi and has got some nasty protection. I couldn't
find any nag strings inside the disassembly. Besides, I wasn't even able
to determine how it creates dialog and messageboxes. (it doesn't use
regular APIs for that).
Any ideas would be greatly appreciated.
Great Dalmuti ***************************
-----End of Issue 2-----------------------------------------
============================================================
+HCU Maillist Issue: 3 09/04/1997
------------------------------------------------------------
Send Articles To:............................. *************
Info, Help, Unsubscription, etc:........... ****************
============================================================
ARTICLES:
-----#1-----------------------------------------------------
Subject: RE: Help for Great Dalmuti
I didn't want my first contribution to the mailing list to be for
such a stupid protection.
but Great Dalmuti asked for help on this one. (and I had some spare time)
Internet Commander *********************************************************
I still don't know what this prog is.
(but it sure doesn't deserve the 6 US $ reg. fee)
(for people who did not check this out: It has a 10 seconds nag, and "Please
Register" everywhere. The prog. is one file called "icwse.exe")
This prog. is interpreted .. (I didn't know the language, but sure duzn't
look like Delphi, maybe some Delphi component is used... I don't have much
Delphi info :(
(I found out that after an hour at SoftICE, most of Windows API calls are
done with GDI)
I found out the following chunk in the exe.. (I could not believe it either)
(Commented using Common Sense v 0.00000)
|:RegCheck|:StripNum
|SD "[Regno]" "10" "6" "[RegVar1]" ; did not figure out those.
|SD "[RegVar1]" "1" "8" "[RegVar1]" ; they are not added
|SD "[Regno]" "7" "9" "[RegVar2]" ; nor multiplied.
|SD "[RegVar2]" "1" "5" "[RegVar2]" ; just split into two variables
|MA "([RegVar1] * [RegVar2])" "0" "[Calc]" ; a simple multiply
|MA "([Calc]/2)" "0" "[Calc]" ; divide by 2
|MA "([Calc]+5)" "0" "[Calc]" ; add 5
|MA "([Calc]*63)" "0" "[Calc]" ; multiply by 63
||IF "[Calc]" "=" "882"|GO "Page 1"|Else|GO "License" ; if result:
; = 882 -> good guy
; <> 882 -> bad guy
To crack:
Change the occurrence of "882" to "315" in the main icwse.exe file.
(parenthesis included).
You will find the above repeated in icwse.exe 4 - 5 times.
Then register using "0000000000"
why 315 ? ..
RegValue1 * RegValue1 = Calc =0
Calc/2=0
Calc+5=5
Calc * 63 =315
btw: this prog "lays eggs" to some dll called Sky32v3c.dll, it does some .jpg
and etc.. and graphics handling.
and the reg. info is stored as plain text in "ic.dat"
That's it.
Greeting to all +HCU members and to Zero for the time he spent in this
mailing list.
And of course to +ORC and Fravia
Kox
-----End of issue 3 ----------------------------------------
PS: Some of you will get this issue twice. Please, bear with me, the system
is still under construction. :)
============================================================
+HCU Maillist Issue: 4 09/05/1997
------------------------------------------------------------
Send Articles To:............................. *************
Info, Help, Unsubscription, etc:........... ****************
============================================================
ARTICLES:
-----#1-----------------------------------------------------
Subject: Re: +HCU ML Issue 3
Hello everybody!
>This prog. is interpreted .. (I didn't know the language, but sure duzn't
>look like Delphi, maybe some Delphi component is used... I don't have much
>Delphi info :(
Just ask :)
For some tasks Delphi can be viewed as an interpreter. It recollects a lot of
information during the design phase that is stored as resources. You can
view a part of it with the Resource Workshop (resources of type RCDATA).
If you extract these resources as .RES and skip the header (all before
"TPF0...") it can be converted to text with "Convert.exe", a utility
included with Delphi. Still not sure what this information can be useful
for, but Great Dalmuti asked about strings not appearing in disassembly.
>Greeting to all +HCU members and to Zero for the time he spent in this
>mailing list.
>
>And of course to +ORC and Fravia
"Add me too ;)"
greetings
trurl
-----End of Issue 4-----------------------------------------
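Added example (not part of the digest, and not trurl's or Borland's code): a small Python reader for the binary form stream that follows the "TPF0" signature in such a resource, listing the handler method name stored for each event property. The tag numbers follow the VCL's TValueType; only the common scalar types are handled, and the SAMPLE bytes are constructed for illustration.

```python
import struct


class Ident(str):
    """Identifier value (enum or method name) rather than a string literal."""


class Reader:
    def __init__(self, data, pos):
        self.data, self.pos = data, pos

    def take(self, n):
        if self.pos + n > len(self.data):
            raise ValueError("truncated form stream")
        self.pos += n
        return self.data[self.pos - n:self.pos]

    def peek(self):                          # next byte without consuming it
        byte = self.take(1)[0]
        self.pos -= 1
        return byte

    def short_str(self):                     # length byte + characters
        return self.take(self.take(1)[0]).decode("latin-1")

    def value(self):
        tag = self.take(1)[0]
        if tag in (2, 3, 4):                 # vaInt8, vaInt16, vaInt32
            fmt = {2: "<b", 3: "<h", 4: "<i"}[tag]
            return struct.unpack(fmt, self.take(struct.calcsize(fmt)))[0]
        if tag in (6, 7):                    # vaString, vaIdent
            text = self.short_str()
            return Ident(text) if tag == 7 else text
        if tag in (8, 9):                    # vaFalse, vaTrue
            return tag == 9
        if tag == 11:                        # vaSet: names up to an empty one
            return list(iter(self.short_str, ""))
        raise ValueError(f"unsupported value type {tag} at offset {self.pos - 1}")


def read_object(r):
    if r.peek() & 0xF0 == 0xF0:              # optional flags prefix byte
        if r.take(1)[0] & 0x02:              # ffChildPos: an integer follows
            r.value()
    obj = {"class": r.short_str(), "name": r.short_str(), "props": {}, "children": []}
    while r.peek() != 0:                     # property list ends with a 0 byte
        name = r.short_str()
        obj["props"][name] = r.value()
    r.take(1)
    while r.peek() != 0:                     # child objects, then another 0 byte
        obj["children"].append(read_object(r))
    r.take(1)
    return obj


def parse_form(blob):
    start = blob.find(b"TPF0")               # skip whatever header precedes it
    if start < 0:
        raise ValueError("no TPF0 signature")
    return read_object(Reader(blob, start + 4))


def event_handlers(obj):
    found = [(obj["name"], k, str(v)) for k, v in obj["props"].items()
             if k.startswith("On") and isinstance(v, Ident)]
    for child in obj["children"]:
        found += event_handlers(child)
    return found


# Constructed sample: 16 filler bytes stand in for the .RES header.
SAMPLE = (
    b"\x00" * 16 + b"TPF0\x06TForm1\x05Form1"   # signature, class, name
    b"\x07Caption\x06\x08Register"              # vaString
    b"\x05Width\x03\x40\x01\x00"                # vaInt16 320, end of Form1 props
    b"\x07TButton\x07Button1\x07Caption\x06\x02OK"
    b"\x07OnClick\x07\x0cButton1Click"          # vaIdent: handler method name
    b"\x00\x00\x00"                             # end props, Button1 kids, Form1 kids
)
```

`event_handlers(parse_form(SAMPLE))` returns the (component, event, method) triples; value types outside the handled set raise ValueError rather than being guessed at.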
--------------------------------------------------------
+HCU Maillist Issue: 5 09/06/1997
--------------------------------------------------------
Send Articles To:......................... *************
Info, Help, Unsubscription, etc:....... ****************
--------------------------------------------------------
ARTICLES:
-----#1-----------------------------------------------------
Subject: Re: Help for Great Dalmuti
Subject: RE:
> I didn't want my first contribution to the mailing list to be for
> such a stupid protection.
Well, it's really stupid, but hey, we all want to learn something! :)
> but Great Dalmuti asked for help on this one. (and I had some spare time)
Fortunately, I've got some more spare time to make a little keygen (I don't
think it takes SO MUCH, though ;)
> I still don't know what this prog is. (but it sure doesn't deserve the 6 US$
> reg. fee)
You are right, Kox! Anyway, it's a good exercise: I've never cracked any
program written in Delphi before :) Now I know it's quite easy, if they're all
like this! :) Let me quote this piece of "code"... my comments are preceded by
a "**"
> |:RegCheck|:StripNum **STRIPNUM!!! THE NAME TELLS EVERYTHING!
> |SD "[Regno]" "10" "6" "[RegVar1]"
Let me read this: "Strip from regno the chars from 10th to (10+6)th position,
then put the result in Regvar1"
> |SD "[RegVar1]" "1" "8" "[RegVar1]" ** SEE ABOVE
> |SD "[Regno]" "7" "9" "[RegVar2]" ** SEE ABOVE
> |SD "[RegVar2]" "1" "5" "[RegVar2]" ** SEE ABOVE
> |MA "([RegVar1] * [RegVar2])" "0" "[Calc]" ; a simple multiply
> |MA "([Calc]/2)" "0" "[Calc]" ; divide by 2
> |MA "([Calc]+5)" "0" "[Calc]" ; add 5
> |MA "([Calc]*63)" "0" "[Calc]" ; multiply by 63
> ||IF "[Calc]" "=" "882"|GO "Page 1"|Else|GO "License"
Ok, now we have ALL the information to make up a key generator:
the last number must be 882, and it is made up by
(((Regvar1*Regvar2)/2)+5)*63
Now we just have to create Regvar1 and Regvar2 such that their product is
((882/63)-5)*2
or simply 18 :)
Now, how are Rv1 and Rv2 made up? Let's suppose this is the original number:
123456789012345 (15 chars)
To make up Rv1 I strip all the nums from the 10th position
123456789
then all the nums from the 1st position 'till the 8th
9
Hey! It's just the number in the 9th position!!! :)
If you look at the code for Rv2, you can see that the result is the 6th digit.
Now a key generator just has to generate random numbers for the other digits,
then simply put these values in Rv1 and Rv2:
Rv1 Rv2
2 9
3 6
6 3
9 2
Not so many combinations, I think :)
Do I really have to write the C code? Please, don't ask it! I'm sooo lazy... ;)
(if you like, I can send it, but I think you can all do this :)
Now I've got a question for you: I've written a patcher, a program which takes
two files of the same length and checks for the differences to make a patch...
You know, of course, how useful it is for us :) My question is: have you done
something like this? How does it work? I didn't want the patcher to write the
final .exe (yes, it's in C and writes C patches... i didn't have the time to
make it in ASM yet O:-), so it writes the C SOURCE for the patch. I think it's
more useful, because in this way everybody can change the source and put his
name and so on... are you interested in it? Would you like to give me some
suggestions to make it better? To avoid reading too many "I'm interested" in
next +hcu ml issue, you can write directly to ************************ then
I'll put on the following issue the instructions to download it by mail (I hope
it will work... it's the first time I use it! :)
byez,
.MaLaTTiA.
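Added example (not from the posts above, and not the program's own code): the script check as Kox and MaLaTTiA read it, modelled in Python to measure how much of a serial it actually validates. The meaning of SD (delete `count` characters from a 1-based start), the exact arithmetic of MA and the 15-character serial length are assumptions taken from MaLaTTiA's reading.

```python
from fractions import Fraction
from itertools import product


def sd(text, start, count):
    """'SD' as read in the post: delete `count` characters from 1-based `start`."""
    return text[:start - 1] + text[start - 1 + count:]


def calc(regno):
    """Value the script compares against its constant (assumed SD/MA semantics)."""
    reg_var1 = sd(sd(regno, 10, 6), 1, 8)    # leaves the 9th character
    reg_var2 = sd(sd(regno, 7, 9), 1, 5)     # leaves the 6th character
    value = Fraction(int(reg_var1) * int(reg_var2))
    return (value / 2 + 5) * 63


def influential_positions(length=15):
    """1-based positions whose digit can change the computed value."""
    base = "1" * length
    found = []
    for i in range(length):
        variants = {calc(base[:i] + d + base[i + 1:]) for d in "0123456789"}
        if len(variants) > 1:
            found.append(i + 1)
    return found


def acceptance_rate(constant=882):
    """Fraction of all 15-digit serials that the comparison accepts."""
    template = "0" * 15
    hits = 0
    for d6, d9 in product("0123456789", repeat=2):
        serial = template[:5] + d6 + template[6:8] + d9 + template[9:]
        hits += calc(serial) == constant
    return Fraction(hits, 100)


if __name__ == "__main__":
    print("digits that matter:", influential_positions())
    print("share of serials accepted:", acceptance_rate())
```

Thirteen of the fifteen digits never reach the comparison, so a serial chosen at random is accepted one time in 25, and the constant itself sits in the executable as plain text, which is what Kox's edit relies on.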
-----#2-----------------------------------------------------
Subject: Delphi/C++Builder/NeoBook etc.
Hello Everyone!
A little comment on cracking apps made with Borland products:
> >This prog. is interpreted .. (I didn't know the language, but sure
> >duzn't look like Delphi, maybe some Delphi component is used... I
> >don't have much Delphi info :(
The program (I don't think it deserves that title) was
written with NeoBook - sort of like Asymetrix Toolbook or Corel
Clik-n-Create - basically a crude multimedia presentation creation
application.
> For some tasks Delphi can be viewed as an interpreter. It recollects
> a lot of information during the design phase that is stored as
> resources. You can view a part of it with the Resource Workshop
> (resources of type RCDATA). If you extract these resources as .RES
> and skip the header (all before "TPF0...") it can be converted to
> text with "Convert.exe", a utility included with Delphi. Still not
> sure what this information can be useful for, but Great Dalmuti
> asked about strings not appearing in disassembly.
I've not used Delphi much (I dislike Pascal) but I've been
using C++Builder a lot recently - it has many excellent points
(compiles ANSI C code, allows direct WIN32 API calls etc) - but I
found that cracking code created with it is very much like cracking
Delphi programs. I believe this is due to the fact that C++Builder
utilises the VCL (Visual Component Library), as does Delphi. Since the
VCL is coded in Delphi (and C++Builder can compile Delphi code!) the
resulting code can look very much alike. As an example, when cracking
a Delphi app with a registration code protection, you'll probably find
that you can't set a breakpoint on 'GetWindowText' (since this call is
apparently not used by the VCL) - you'll need to try 'hmemcpy' or
something similar - the same is true of C++Builder. In fact, anything
that applies to Delphi will apply to C++Builder as well if the
program uses the VCL (this may not always be the case, as C++Builder
can also compile programs using the OWL or MFC libraries). Anyway, I
hope this info helps any newbies who come across Delphi/C++Builder
programs (these will probably become more common, as there are rumours
that Borland will merge C++Builder and Borland C/C++ for the next
release)
+ReZiDeNt
-----End of Issue 5----------------------------------------
--------------------------------------------------------
+HCU Maillist Issue: 6 09/07/1997
--------------------------------------------------------
Send Articles To:......................... *************
Info, Help, Unsubscription, etc:....... ****************
--------------------------------------------------------
ARTICLES:
-----#1-----------------------------------------------------
Subject: patchers
On 6 Sep 97 at 14:41, ************* wrote:
> Now I've got a question for you: I've written a patcher, a program
> which takes two files of the same length and checks for the
> differences to make a patch... You know, of course, how useful it is
> for us :) My question is: have you done something like this? How
> does it work? I didn't want the patcher to write the final .exe
> (yes, it's in C and writes C patches... i didn't have the time to
> make it in ASM yet O:-), so it writes the C SOURCE for the patch.
(from MALATTIA)
Well, there's already an alpha version of a program that does exactly
what you are saying - compares two files of the same length, checks
the differences, writes the patch in C and then, after you changed
it, if you want to do so, compiles it to an exe file.
Unfortunately, the link to it went down yesterday... it was at Odin's
cracking resources. Anyway, it's an 800 KB file, called patchit.zip
The name of the program is 'PatchIt 97' and it's made by Qapla.
Until 00:01 GMT of 8 September, you can fetch it at
**************************************
IF and ONLY IF you type the address correctly.
Incidentally, if you want something funny for a homepage (funny IMHO,
that is), get ribbon2.gif from the same ~cardone. You know those
'blue ribbon' things, free speech, right? Well, this is 'black ribbon
campaign - kill the lamers'
WAFNA of FCA
-----End of Issue 6----------------------------------------
========================================================
+HCU Maillist Issue: 7 09/08/1997
--------------------------------------------------------
Send Articles To:......................... *************
Info, Help, Unsubscription, etc:....... ****************
========================================================
CONTENTS:
#1 Subject: Re: +HCU ML Issue 5
ARTICLES:
-----#1-------------------------------------------------
Subject: Re: +HCU ML Issue 5
Hello!
>> but Great Dalmuti asked for help on this one. (and I had some spare time)
Please, never change a quoted text... I have NO spare time at all :(
>Fortunately, I've got some more spare time to make a little keygen (I don't
>think it takes SO MUCH, though ;)
The idea was saving even more time in every Delphi (or C++Builder) app.
From the resources you can find not only the attributes of the button but
also the *address* of the routine that is called when you push it.
Unfortunately it didn't work for this particular case O:-)
because as you say:
>like this! :) Let me quote this piece of "code"...
....this is not Delphi code. It's a script language executed from Delphi.
greetings
trurl
=====End of Issue 7=====================================
-- End --
========================================================
+HCU Maillist Issue: 8 09/09/1997
--------------------------------------------------------
Send Articles To:......................... *************
Info, Help, Unsubscription, etc:....... ****************
========================================================
CONTENTS:
#1 Subject: Some info about the list
ARTICLES:
-----#1-------------------------------------------------
Subject: Some info about the list
Hi everybody!
I think it's time to try the list myself :)
There are two things I forgot to mention before.
The first thing: The list can not accept letters longer than 20 kb.
The long letters are filtered out and will not appear on the list.
If somebody happens to have some info which he can not squeeze into
20 kb :() please, split it into two separate letters.
The second thing is much more important: if somebody's subscribing
address is not valid anymore, please notify me as soon as possible
to stop the list sending issues to that address. The big problem
with an invalid address is that the letters bouncing back are
not coming to me, but to the postmaster of our domain :(
I guess this in the long run might be unhealthy for me and the list.
I am working on the problem, but in the meantime tell me if an
address is not valid anymore. If somebody has intimate knowledge
about the SMTP protocol and knows how I can redirect the return
path from my computer to another e-mail address (Sender: field
maybe), please let me know, too.
Thanks in advance
ZER0
=====End of Issue 8=====================================
========================================================
+HCU Maillist Issue: 9 09/10/1997
--------------------------------------------------------
Send Articles To:......................... *************
Info, Help, Unsubscription, etc:....... ****************
========================================================
CONTENTS:
#1 Subject: Re: patchers
#2 Subject: *******
#3 Subject: Internet Commander was created with *NeoBook*
ARTICLES:
-----#1-------------------------------------------------
Subject: Re: patchers
On 7 Sep 97 at 15:51, WAFNA of FCA wrote:
> Well, there's already an alpha version of a program that does exactly
> what you are saying - compares two files of the same length, checks
> the differences, writes the patch in C and then, after you changed
> it, if you want to do so, compiles it to an exe file.
Woa! Great! It's like what I want for the next versions of my proggie...
> Until 00:01 GMT of 8 September, you can fetch it at
> **************************************
Thanx a lot, I've downloaded it immediately! :)
I've seen the program... :-O it's wonderful. I don't know how to feel... it's
great! It's exactly how I wanted to make my program like, and it's good looking
too... my proggie is under DOS, so it doesn't have such a beautiful GUI, and
it's VERY simple... I don't really know if I want to go on with it, after
this... :)
> Incidentally, if you want something funny for a homepage (funny IMHO,
> that is), get ribbon2.gif from the same ~cardone. You know those
> 'blue ribbon' things, free speech, right? Well, this is 'black ribbon
> campaign - kill the lamers'
Very nice!!! I've downloaded it! :)) Maybe I'll put it in my homepage too... :)
erm... I'm afraid I'm offtopic... sorry! O:-)
I've got a question for you all, boyz... what are the tools you have programmed
that you find most useful? Do you think there's something every cracker should
have? You don't have to tell me your "secret tricks"... just something to help
me to learn and crack better, maybe! :)
byez,
.MaLaTTiA.
-----#2-------------------------------------------------
Subject: *******
Hello Everyone!
I greatly appreciate all the help I got on cracking the internet
commander. I need some more help however. I found a pretty interesting
program on the web called ******* by Farallon
*********************************************************************************
What it allows you to do is observe someone else's desktop in real time
over the network. It is cross-platform too (can observe mac from PC and
vice versa). Although this program is free, it has a couple of drawbacks.
First of all it is a 16 bit program (they didn't even bother building a
32 bit version). Second, it displays a dialog box telling you to upgrade
it to some other prog for only $49.95 every time you run it. Whatever I
tried, I could not get rid of the dialog. Borland Resource Workshop will
painlessly delete any other dialog from the prog, but deleting this one
causes a crash. Patching fails too.
Can you guys help me with this one please. Thanks in advance.
Great Dalmuti
P.S. I think that the ultimate goal we can reach with this prog, is to
remove all the strings and dialogs, make it startup quietly on your
enemy's computer, so you can watch over him anytime you want. Cool huh?
By the way, do you know of any other progs that can do similar things?
Something 32 bit maybe!
-----#3-------------------------------------------------
Subject: Internet Commander was created with *NeoBook*
Hi there people,
> ....this is not Delphi code. It's a script language executed from
> Delphi.
Actually, it isn't made in Delphi at all - it's created with
a program called 'NeoBook' available from
**************************
It may be possible that NeoBook itself was written in Delphi
however...
Cya,
+ReZiDeNt
=====End of Issue 9=====================================
=====NOTE: Issue #10 DOES NOT EXIST!====================